Search Results (26448 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-6710 1 Google 1 Android 2025-04-12 N/A
An information disclosure vulnerability in the download manager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application does not have access to. Android ID: A-30537115.
CVE-2016-4497 1 Panasonic 1 Fpwin Pro 2025-04-12 N/A
Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."
CVE-2014-5213 1 Novell 1 Edirectory 2025-04-12 N/A
nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memory via a direct request.
CVE-2016-5842 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2025-04-12 7.5 High
MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.
CVE-2015-6474 1 Ibc Solar 2 Danfoss Tlx Pro\+, Servemaster Tlp\+ 2025-04-12 N/A
IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote attackers to discover cleartext passwords by reading HTML source code.
CVE-2016-6693 1 Google 1 Android 2025-04-12 N/A
sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via an invalid data length, aka Qualcomm internal bug CR 1027585.
CVE-2015-6469 1 Ibc Solar 2 Danfoss Tlx Pro\+, Servemaster Tlp\+ 2025-04-12 N/A
The interpreter in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allows remote attackers to discover script source code via unspecified vectors.
CVE-2015-7759 1 F5 8 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 5 more 2025-04-12 N/A
BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 12.0.0 before HF1, when the TCP profile for a virtual server is configured with Congestion Metrics Cache enabled, allow remote attackers to cause a denial of service (Traffic Management Microkernel (TMM) restart) via crafted ICMP packets, related to Path MTU (PMTU) discovery.
CVE-2016-2146 2 Fedoraproject, Uninett 2 Fedora, Mod Auth Mellon 2025-04-12 N/A
The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data read, which allows remote attackers to cause a denial of service (worker process crash, web server deadlock, or memory consumption) via a large amount of POST data.
CVE-2016-5848 1 Siemens 1 Sicam Pas\/pqs 2025-04-12 6.7 Medium
Siemens SICAM PAS before 8.07 does not properly restrict password data in the database, which makes it easier for local users to calculate passwords by leveraging unspecified database privileges.
CVE-2015-7770 1 Dell 1 Sonicwall Totalsecure Tz 100 Firmware 2025-04-12 N/A
Dell SonicWall TotalSecure TZ 100 devices with firmware before 5.9.1.0-22o allow remote attackers to cause a denial of service via a crafted packet.
CVE-2016-6644 1 Emc 1 Documentum D2 2025-04-12 N/A
EMC Documentum D2 4.5 before patch 15 and 4.6 before patch 03 allows remote attackers to read arbitrary Docbase documents by leveraging knowledge of an r_object_id value.
CVE-2016-6627 1 Phpmyadmin 1 Phpmyadmin 2025-04-12 N/A
An issue was discovered in phpMyAdmin. An attacker can determine the phpMyAdmin host location through the file url.php. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
CVE-2016-3185 1 Php 1 Php 2025-04-12 N/A
The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, 5.6.x before 5.6.12, and 7.x before 7.0.4 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (type confusion and application crash) via crafted serialized _cookies data, related to the SoapClient::__call method in ext/soap/soap.c.
CVE-2015-1142 1 Apple 1 Mac Os X 2025-04-12 N/A
LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service (Finder crash) via crafted localization data.
CVE-2015-4945 1 Ibm 1 Maximo Anywhere 2025-04-12 N/A
Unspecified vulnerability in the IBM Maximo Anywhere application 7.5.1 through 7.5.1.2 for Android allows attackers to bypass a passcode protection mechanism and obtain sensitive information via a crafted application.
CVE-2015-4197 1 Cisco 3 Nexus 7000, Nexus 7700, Nx-os 2025-04-12 N/A
Cisco NX-OS 5.2(5) on Nexus 7000 devices allows remote attackers to cause a denial of service (device crash) by sending a malformed LLDP packet on the local network, aka Bug ID CSCud89415.
CVE-2015-1105 1 Apple 3 Iphone Os, Mac Os X, Tvos 2025-04-12 N/A
The TCP implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly implement the Urgent (aka out-of-band data) mechanism, which allows remote attackers to cause a denial of service via crafted packets.
CVE-2015-1102 1 Apple 3 Iphone Os, Mac Os X, Tvos 2025-04-12 N/A
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly handle TCP headers, which allows man-in-the-middle attackers to cause a denial of service via unspecified vectors.
CVE-2015-1097 1 Apple 2 Iphone Os, Tvos 2025-04-12 N/A
IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app.